Author Topic: Recommendation for Ethernet chip needed  (Read 19106 times)


Offline djacobow

  • Super Contributor
  • ***
  • Posts: 1151
  • Country: us
  • takin' it apart since the 70's
Re: Recommendation for Ethernet chip needed
« Reply #50 on: December 14, 2015, 08:54:40 pm »
Quote
I agree Linux is the better choice; however, I just wanted to make the point that IF it is connected to the internet and has open ports, any decent pentester can figure out within 1/2 hour exactly which OS is running, which SSL suite, which open source modules, etc. Look up all the vulnerabilities in those modules in the vulnerability database and, if they are not updated, the attacker owns that device and can use it for whatever they want. Now, making your own version of an OS/SSL stack is also not an option since, although it would take an attacker much more time, it would actually come down to security by obscurity.
However, if you have a very simple device with no users with higher privileges, no software that can be modified, etc., you can become safer than with Linux.
So actually the only secure thing you can do with any embedded Linux networked device that is not going to be monitored and updated is to keep it away from the bad, bad internet, close all ports and use other secure channels to communicate with it (a decent server with a good firewall that is maintained and updated).
IoT: the Internet of Threads  ;)

Did you mean Internet of Threats?  ;)

Agree with everything you said. In general, if you have open ports, they will be attacked. You need a way to maintain the device. It's not a trivial problem, and I think most people getting into this space are not taking it seriously enough. They think their device is not important enough to be an interesting victim, or they'll fix it when they have to, etc. It's an epic mess in the making.
 

Offline Kjelt

  • Super Contributor
  • ***
  • Posts: 6460
  • Country: nl
Re: Recommendation for Ethernet chip needed
« Reply #51 on: December 14, 2015, 09:00:08 pm »
Yes, that is what I meant  ;) excuse my Dutch English.
Oh, that little constrained IoT device might not be so interesting itself, but the (home/business) network it is attached to might contain more interesting targets, if that little device is the easy way in...  ;)
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #52 on: December 14, 2015, 09:07:59 pm »
Quote
Yes, that is what I meant  ;) excuse my Dutch English.
Oh, that little constrained IoT device might not be so interesting itself, but the (home/business) network it is attached to might contain more interesting targets, if that little device is the easy way in...  ;)
Now you are assuming an IoT device is connected to the internet. The fact is that most network devices are not connected to the internet directly, so the chance of a device getting hacked is (virtually) zero. If you can access a device from the internet it usually is through a central server so they can charge subscription money. The IoT device will use a 'phone home' scheme to contact a predetermined server. There is not much you can do to hack such a device. The weakest points in such a setup are the user application and the central server.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline djacobow

  • Super Contributor
  • ***
  • Posts: 1151
  • Country: us
  • takin' it apart since the 70's
Re: Recommendation for Ethernet chip needed
« Reply #53 on: December 14, 2015, 09:26:05 pm »
Quote
Now you are assuming an IoT device is connected to the internet. The fact is that most network devices are not connected to the internet directly, so the chance of a device getting hacked is (virtually) zero. If you can access a device from the internet it usually is through a central server so they can charge subscription money. The IoT device will use a 'phone home' scheme to contact a predetermined server. There is not much you can do to hack such a device. The weakest points in such a setup are the user application and the central server.

Even if the device is always the driver it can be MITM'd if there is a weakness in the protocols or key exchange. And even if it can't be hacked to Do Something Bad, it can be snooped.
 

Offline Kjelt

  • Super Contributor
  • ***
  • Posts: 6460
  • Country: nl
Re: Recommendation for Ethernet chip needed
« Reply #54 on: December 14, 2015, 10:02:41 pm »
Quote
Now you are assuming an IoT device is connected to the internet. The fact is that most network devices are not connected to the internet directly, so the chance of a device getting hacked is (virtually) zero.
For businesses, yes: if their IT dept. is worth something they probably can keep it safe (although even the DoD in the US was hacked this year), and if their IT dept. has some balls they forbid cheap IoT devices on their network  :)
For home IoT devices, the nightmare is about to start.
I have read too many horror stories to trust any commercial cheap device on my network. The hardest part is that 40% of the routers are compromised in the factory or have known vulnerabilities. The same routers that should keep the bad guys out in many homes.
The easiest and stupidest example: heard about UPnP? You might not even know what your router and new (NAS or external HDD) device are doing automatically behind your back, opening ports because of some stupid commercial UPnP protocol that both router and device have. And the funniest part is, no normal computer user even knows what's going on.
But then even normal PCs have become extremely vulnerable.
The PC users themselves clicking on a malware-infested picture/PDF they find in their email or daily news page.
And frankly it is not even the user's fault, it is the software morons that, instead of making web applications and scripting safe, allow an outside script to take over your OS and computer  :wtf:
Who thought of that? Allowing a script from a webpage to do anything with the OS or hardware. The next PC is going to have a VM and Sandboxie and I'll still need to make backups every month  :(
Oh well, maybe my job makes me paranoid, but I think it is getting much worse before it gets somewhat better; all signs indicate that the IoT device revolution, when it starts with hundreds of millions of connected devices, might be the end of a workable internet. I hate to be right this time.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #55 on: December 14, 2015, 10:33:37 pm »
Quote
Now you are assuming an IoT device is connected to the internet. The fact is that most network devices are not connected to the internet directly, so the chance of a device getting hacked is (virtually) zero.
For businesses, yes: if their IT dept. is worth something they probably can keep it safe (although even the DoD in the US was hacked this year), and if their IT dept. has some balls they forbid cheap IoT devices on their network  :)
For home IoT devices, the nightmare is about to start.
I have read too many horror stories to trust any commercial cheap device on my network. The hardest part is that 40% of the routers are compromised in the factory or have known vulnerabilities.
The PC users themselves clicking on a malware-infested picture/PDF they find in their email or daily news page.
A router is on the frontier of the internet and the average PC user can be modelled as a moron. Neither situation is a threat for an IoT device though, because a user isn't installing software on an IoT device and the IoT device doesn't have a direct connection to the internet. Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline djacobow

  • Super Contributor
  • ***
  • Posts: 1151
  • Country: us
  • takin' it apart since the 70's
Re: Recommendation for Ethernet chip needed
« Reply #56 on: December 14, 2015, 10:51:28 pm »
Quote
A router is on the frontier of the internet and the average PC user can be modelled as a moron. Neither situation is a threat for an IoT device though, because a user isn't installing software on an IoT device and the IoT device doesn't have a direct connection to the internet. Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:

The IoT device is itself a threat to the rest of your network. Let's say an IoT device has a facility for self-upgrade by fetching a firmware image from a trusted server. A bad guy figures out how to spoof the server and provide an image that the unit will see as valid. That image turns the IoT device into a relay node for Bad Things. Or the IoT device transmits back telemetry for "debug purposes" and that telemetry just happens to include the Wi-Fi key or other interesting security bits, and that information is easy to decrypt because the IoT company stupidly put their private key on the Internet or on their devices. (This has happened already.) Or the IoT device talks through a proprietary gateway, with proprietary but lame security, which exposes passwords, etc.

Personally, I'm not sure I want IoT devices on my network. I might _prefer_ that they be on the public internet with their own IP, on the OUTside of my private/quasi-secure network.
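The spoofed-update-server scenario above is what signed firmware is meant to defeat: an added example, not code from this thread or any vendor, using Go's standard-library Ed25519 with a hypothetical manifest format (a version counter plus the SHA-256 of the image) that I am assuming. The device holds only the vendor's public key, so the signing key never ships on devices or on the download server, and the version check also stops replaying an older but genuinely signed image.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update header (assumed format, not any real
// vendor's): a monotonic version for anti-rollback plus the SHA-256 of the body.
type Manifest struct {
	Version uint32
	Digest  [32]byte
}

// bytes serialises the manifest deterministically so signer and verifier
// operate on the same byte string.
func (m Manifest) bytes() []byte {
	b := make([]byte, 4+32)
	binary.BigEndian.PutUint32(b[:4], m.Version)
	copy(b[4:], m.Digest[:])
	return b
}

// Update is what the device downloads: manifest, its signature and the image.
type Update struct {
	Manifest Manifest
	Sig      []byte
	Image    []byte
}

// SignUpdate is the vendor-side step; the private key stays in the build
// pipeline and never on the device or the download server.
func SignUpdate(priv ed25519.PrivateKey, version uint32, image []byte) Update {
	m := Manifest{Version: version, Digest: sha256.Sum256(image)}
	return Update{Manifest: m, Sig: ed25519.Sign(priv, m.bytes()), Image: image}
}

// VerifyUpdate is the device-side check. Who served the bytes (DNS spoof,
// MITM, mirror) is irrelevant: only the vendor key validates the manifest,
// the digest binds the body to it, and the version check rejects replaying
// an older, vulnerable but genuinely signed image.
func VerifyUpdate(vendorPub ed25519.PublicKey, installed uint32, u Update) error {
	if !ed25519.Verify(vendorPub, u.Manifest.bytes(), u.Sig) {
		return errors.New("manifest signature invalid: not from vendor")
	}
	if sha256.Sum256(u.Image) != u.Manifest.Digest {
		return errors.New("image digest mismatch: body altered or swapped")
	}
	if u.Manifest.Version <= installed {
		return errors.New("version not newer than installed: rollback/replay")
	}
	return nil
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	installed := uint32(1)

	// Constructed sample images standing in for real firmware.
	good := SignUpdate(vendorPriv, 2, []byte("constructed firmware v2"))
	spoofed := SignUpdate(attackerPriv, 9, []byte("constructed image from spoofed server"))
	tampered := good
	tampered.Image = []byte("constructed firmware v2 + extra bytes")

	fmt.Println("genuine v2:       ", VerifyUpdate(vendorPub, installed, good))
	fmt.Println("spoofed server:   ", VerifyUpdate(vendorPub, installed, spoofed))
	fmt.Println("tampered body:    ", VerifyUpdate(vendorPub, installed, tampered))
	fmt.Println("replayed v2 on v2:", VerifyUpdate(vendorPub, 2, good))
}
```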
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #57 on: December 14, 2015, 11:49:59 pm »
Quote
A router is on the frontier of the internet and the average PC user can be modelled as a moron. Neither situation is a threat for an IoT device though, because a user isn't installing software on an IoT device and the IoT device doesn't have a direct connection to the internet. Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:

The IoT device is itself a threat to the rest of your network. Let's say an IoT device has a facility for self-upgrade by fetching a firmware image from a trusted server. A bad guy figures out how to spoof the server and provide an image that the unit will see as valid.
Nice theory... now try to perform such a hack... This would at least require spoofing the DNS, mimicking the server, creating a valid firmware image, etc. Not worth the trouble for a device which has very little processing power or storage space.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline djacobow

  • Super Contributor
  • ***
  • Posts: 1151
  • Country: us
  • takin' it apart since the 70's
Re: Recommendation for Ethernet chip needed
« Reply #58 on: December 15, 2015, 12:27:18 am »
Quote
Nice theory... now try to perform such a hack... This would at least require spoofing the DNS, mimicking the server, creating a valid firmware image, etc. Not worth the trouble for a device which has very little processing power or storage space.

We'll have to agree to disagree on the feasibility of such attack vectors. I have reason to believe they can and do happen. I'll grant you, the devices are not interesting themselves, but they will probably represent the softest targets on many networks (in part _because_ they are so underpowered, their implementations have cut corners), and once compromised could ease access to more interesting parts of the network.
« Last Edit: December 15, 2015, 07:10:35 pm by djacobow »
 

Offline Kjelt

  • Super Contributor
  • ***
  • Posts: 6460
  • Country: nl
Re: Recommendation for Ethernet chip needed
« Reply #59 on: December 15, 2015, 08:40:37 am »
Quote
Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:
That has already been done and is actually one of the big drivers for IPv6: each and every (tiny) device gets a unique (fixed) IP address (which can be spoofed, of course).
Sensors, thermostats, lamp drivers, you name it: if they are going to be IP connected they are going to have a fixed IPv6 address.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #60 on: December 15, 2015, 10:37:07 am »
Quote
Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:
That has already been done and is actually one of the big drivers for IPv6: each and every (tiny) device gets a unique (fixed) IP address (which can be spoofed, of course).
Sensors, thermostats, lamp drivers, you name it: if they are going to be IP connected they are going to have a fixed IPv6 address.
You didn't get my sarcasm: giving every device a publicly available IP address is insanely stupid because every device will be open to all kinds of attacks. The whole IPv6 idea of giving every device its own public IP address is based on naive technocratic thinking. The beauty of having a NAT router between devices and the internet is that the risk of device-specific attacks drops to zero because the devices can't be accessed directly.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline gmb42

  • Frequent Contributor
  • **
  • Posts: 294
  • Country: gb
Re: Recommendation for Ethernet chip needed
« Reply #61 on: December 15, 2015, 02:20:05 pm »
Quote
Disclaimer: God forbid people are stupid enough to give every device they have a publicly accessible IPv6 address  :palm:
That has already been done and is actually one of the big drivers for IPv6: each and every (tiny) device gets a unique (fixed) IP address (which can be spoofed, of course).
Sensors, thermostats, lamp drivers, you name it: if they are going to be IP connected they are going to have a fixed IPv6 address.
You didn't get my sarcasm: giving every device a publicly available IP address is insanely stupid because every device will be open to all kinds of attacks. The whole IPv6 idea of giving every device its own public IP address is based on naive technocratic thinking. The beauty of having a NAT router between devices and the internet is that the risk of device-specific attacks drops to zero because the devices can't be accessed directly.

And why wouldn't your IPv6 router to the wider internet implement inbound blocking rules? Mine does. I still have to add a rule to permit an inbound connection to the local devices behind the router, regardless of whether it's NATted IPv4 or straight public IPv6.

In summary, it's not NAT that blocks inbound connections, but router/firewall rules.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #62 on: December 15, 2015, 04:20:46 pm »
In general you don't want to depend on settings in routers for devices to work. That is a recipe for disaster. It is unlikely that your 80-year-old neighbour knows how to set up router rules, and the service guy who is going to replace it someday will copy the settings (if that is even possible). In companies you'll find IT departments may be absent or incapable of/unwilling to make the required changes. It is not unheard of that it takes 4 months to reconfigure a simple broadband router to open a port.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline gmb42

  • Frequent Contributor
  • **
  • Posts: 294
  • Country: gb
Re: Recommendation for Ethernet chip needed
« Reply #63 on: December 15, 2015, 05:53:37 pm »
If that's what happens by default in your "super secure" IPv4 NAT router, why should the defaults be any different in an IPv6 router?  I've not come across such a wide open IPv6 router yet.

NAT in IPv4 is not a security mechanism; it's the firewall rules that don't allow inbound connections, NATted or otherwise, that do that.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #64 on: December 15, 2015, 07:04:41 pm »
Let's go back to where it started: IPv6 was introduced to give every conceivable device a unique IP address so each and every device in this solar system (and beyond) could talk to each other directly. The last decade it has become clear that such a network is a maintenance and security nightmare and therefore undesirable. If your IPv6 devices are behind a router which blocks incoming connections then they are isolated from the internet just like IPv4 devices would be.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline Electro Fan

  • Super Contributor
  • ***
  • Posts: 3199
Re: Recommendation for Ethernet chip needed
« Reply #65 on: December 15, 2015, 07:07:58 pm »
What's the:

1. Lowest cost finished product that supports Ethernet all the way out to an RJ45 jack?
2. Lowest cost dev platform/board/SoC/whatever that supports Ethernet all the way out to an RJ45 jack?
 

Offline westfw

  • Super Contributor
  • ***
  • Posts: 4199
  • Country: us
Re: Recommendation for Ethernet chip needed
« Reply #66 on: December 15, 2015, 08:45:11 pm »
Quote
1. Lowest cost finished product that supports Ethernet all the way out to an RJ45 jack?
Probably last year's model of some wireless router; the one that doesn't do XXX, where XXX is the latest must-have feature (5GHz, tri-band, quad-stream, ...). Under $15 from reputable dealers (Newegg).
Quote
2. Lowest cost dev platform/board/SoC/whatever that supports Ethernet all the way out to an RJ45 jack?
A much harder question, and much of what this thread has been about. There's a big difference between a PIC/ENCJ combo barely able to communicate with raw Ethernet packets, and a Linux SBC capable of handling the latest secure internet protocols "in the OS." The "TI Connected LaunchPad" is probably a good candidate. Then there's that gaggle of ever-cheaper Unix systems (Raspberry Pi, et al.), although they seem to be ditching Ethernet in favor of wireless. Go figure, what with wireless "modules" being cheaper than an RJ45 w/ magnetics :-(
 

Offline MagicSmoker

  • Super Contributor
  • ***
  • Posts: 1408
  • Country: us
Re: Recommendation for Ethernet chip needed
« Reply #67 on: December 15, 2015, 11:44:50 pm »
Quote
Looking at the STM32F429 right now, so actually we only need something like a Microchip LAN8720A with MII.

This thread has veered off into the weeds, but for what it's worth, I've had an excellent experience with the LAN8720A PHY connected via RMII to an NXP ARM with a MAC. We use FreeRTOS/OpenRTOS and uIP for the TCP/IP stack. The RTOS worked right out of the box, so to speak, while uIP did require some tweaking, but not much, and it wasn't nearly as painful a process as our previous experience with a Wiznet SPI-to-Ethernet MAC/PHY combo (W5100).

Caveat: This is not something that is connected to the internet.
 

Offline richardmanTopic starter

  • Frequent Contributor
  • **
  • Posts: 427
  • Country: us
Re: Recommendation for Ethernet chip needed
« Reply #68 on: December 16, 2015, 12:45:17 am »
Quote
Ah, with the external memory and a real eth i/f we're getting well into the realm of being a "real computer."  Not what I was imagining when you first posted at all.

Curious how this compares, cost-wise, with going with one of the ARM SoC kitchen-sink "application processors" with MMU, on-board DRAM, etc. There's something to be said for being able to boot Linux and access its device drivers, OpenSSL, console access over SSH, scripting languages, etc., no fuss.

Sorry, out of the loop for a few days. You guys have been busy :-)

We have some very specific requirements in mind, and all shall be revealed probably in Jan/Feb 2016. Remember who we "are"  ;) Currently F429+LAN8xxx something, and "lots" of external SRAM.
// richard http://imagecraft.com/
JumpStart C++ for Cortex (compiler/IDE/debugger): the fastest easiest way to get productive on Cortex-M.
Smart.IO: phone App for embedded systems with no app or wireless coding
 

Offline Kjelt

  • Super Contributor
  • ***
  • Posts: 6460
  • Country: nl
Re: Recommendation for Ethernet chip needed
« Reply #69 on: December 16, 2015, 06:21:39 am »
Quote
and "lots" of external SRAM.
Really SRAM or SDRAM? Care to share the part number? Because wouldn't 512MB of pure SRAM skyrocket the BOM?
 

Offline aon

  • Contributor
  • Posts: 30
  • Country: fi
Re: Recommendation for Ethernet chip needed
« Reply #70 on: December 16, 2015, 08:08:41 am »
Quote
2. Lowest cost dev platform/board/SoC/whatever that supports Ethernet all the way out to an RJ45 jack?
A much harder question, and much of what this thread has been about. There's a big difference between a PIC/ENCJ combo barely able to communicate with raw Ethernet packets, and a Linux SBC capable of handling the latest secure internet protocols "in the OS." The "TI Connected LaunchPad" is probably a good candidate. Then there's that gaggle of ever-cheaper Unix systems (Raspberry Pi, et al.), although they seem to be ditching Ethernet in favor of wireless. Go figure, what with wireless "modules" being cheaper than an RJ45 w/ magnetics :-(

The EK-TM4C1294XL launchpad is indeed quite cheap, but when you want to buy the chip that's on it, the price is almost the same as for the whole Launchpad.

If you don't need a lot of performance or peripherals, Wiznet has their W7500(P) SoCs that bundle their TCP/IP+Ethernet stuff with a 48MHz Cortex-M0, 128k of flash and 16k of RAM at about $3/pc (the dev boards are ~$30). The P version has a built-in PHY and was just made available for order last night it seems - I think I'll wait for the European webshop or Mouser to carry them before I get mine, though.

There are some catches I've found while playing with them: they claim HW I2C support but the peripheral has bugs that render it unusable, and they've pretty much silently made their driver library use bitbang instead, and some versions of the block diagram show an RTC - the dev board has even a crystal for it, but there's no documentation for it whatsoever, possibly due to similar reasons as with I2C. Additionally, the only SWD debugging options at the moment seem to be the on-board programmer on the devboard and Keil's ULINK.
 

Offline MagicSmoker

  • Super Contributor
  • ***
  • Posts: 1408
  • Country: us
Re: Recommendation for Ethernet chip needed
« Reply #71 on: December 16, 2015, 10:41:22 am »
Quote
If you don't need a lot of performance or peripherals, Wiznet has their W7500(P) SoCs...
There are some catches I've found while playing with them: they claim HW I2C support but the peripheral has bugs that render it unusable...

The much older W5100 is quite buggy, too, and some of its (presumably firmware) problems have persisted for years. The worst one by far is that it routinely locks up and its hardware reset line can't save it.
 

Offline aon

  • Contributor
  • Posts: 30
  • Country: fi
Re: Recommendation for Ethernet chip needed
« Reply #72 on: December 16, 2015, 11:41:26 am »
Quote
The much older W5100 is quite buggy, too, and some of its (presumably firmware) problems have persisted for years. The worst one by far is that it routinely locks up and its hardware reset line can't save it.

Yeah, I don't think I'd have the guts to use them in a commercial product for fear of what other issues might uncover themselves. For less serious stuff they're quite enticing though, especially when coupled with a bargain-bin Chinese MagJack :)
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26906
  • Country: nl
    • NCT Developments
Re: Recommendation for Ethernet chip needed
« Reply #73 on: December 16, 2015, 03:13:34 pm »
I have looked at the newer Wiznet W5500 (IIRC) part and that seems more stable according to others. I started a thread on these chips a while ago and it looks like the power supply and reset cycle need proper attention. In case of doubt you can always put a PMOS in the power supply to the Wiznet chip so you can at least power cycle it.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline richardmanTopic starter

  • Frequent Contributor
  • **
  • Posts: 427
  • Country: us
Re: Recommendation for Ethernet chip needed
« Reply #74 on: December 16, 2015, 09:48:34 pm »
Quote
Really SRAM or SDRAM? Care to share the part number? Because wouldn't 512MB of pure SRAM skyrocket the BOM?

Sorry, SDRAM.
// richard http://imagecraft.com/
JumpStart C++ for Cortex (compiler/IDE/debugger): the fastest easiest way to get productive on Cortex-M.
Smart.IO: phone App for embedded systems with no app or wireless coding
 

